<?php 
define('PAGE_NEED_PRI','PRI_EDIT');
session_start();include "conn.php";
?>
<?php  include("admin.php");?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title> Bios 管理中心 </title>
<link href="../css/control.css" rel="stylesheet" type="text/css" />
</head>

<body>




<a name="top" id="top"></a>
<div id="all"><!--Wrap start //-->
<div id="main" class="clearfix"><!--main start //-->
<div id="top-1"><?php include_once('blog_top_btn.php');?>
</div>
<!--Content for  id "submenu" Goes Here //-->
<div id="submenu">
<?php include_once('admin_main_btn.php');?>
  </div>
 <!--Content for  id "contact" Goes Here //-->
 <div id="contact">
 
 
 
 <?php 
//修改数据
$id=make_safe($_GET["id"]);
$box1=make_safe($_GET["box1"]);
$box2=make_safe($_GET["box2"]);
$box3=make_safe($_GET["box3"]);
$box4=make_safe($_GET["box4"]);
$box5=make_safe($_GET["box5"]);
$box6=make_safe($_GET["box6"]);
$box7=make_safe($_GET["box7"]);
$box8=make_safe($_GET["box8"]);
$box9=make_safe($_GET["box9"]);


include("check.php");


if($id!="" and $box1!=""){
$query=mysql_query("update guanli set box1='$box1' where id='$id'");
}
if($id!="" and $box2!=""){
$query=mysql_query("update guanli set box2='$box2' where id='$id'");
}
if($id!="" and $box3!=""){
$query=mysql_query("update guanli set box3='$box3' where id='$id'");
}
if($id!="" and $box4!=""){
$query=mysql_query("update guanli set box4='$box4' where id='$id'");
}
if($id!="" and $box5!=""){
$query=mysql_query("update guanli set box5='$box5' where id='$id'");
}
if($id!="" and $box6!=""){
$query=mysql_query("update guanli set box6='$box6' where id='$id'");
}
if($id!="" and $box7!=""){
$query=mysql_query("update guanli set box7='$box7' where id='$id'");
}
if($id!="" and $box8!=""){
$query=mysql_query("update guanli set box8='$box8' where id='$id'");
}
if($id!="" and $box9!=""){
$query=mysql_query("update guanli set box9='$box9' where id='$id'");
}
?>



<?php 
//增加数据

$id=make_safe($_GET["id"]);
$action=make_safe($_GET["action"]);
$username=make_safe($_POST["username"]);
$password=make_safe($_POST["password"]);

$name=make_safe($_POST["name"]);
$tel=make_safe($_POST["tel"]);
$email=make_safe($_POST["email"]);
$address=make_safe($_POST["address"]);


$box1=make_safe($_POST["box1"]);
$box2=make_safe($_POST["box2"]);
$box3=make_safe($_POST["box3"]);
$box4=make_safe($_POST["box4"]);
$box5=make_safe($_POST["box5"]);
$box6=make_safe($_POST["box6"]);
$box7=make_safe($_POST["box7"]);
$box8=make_safe($_POST["box8"]);
$box9=make_safe($_POST["box9"]);

if($box1==""){$box1=0;}
if($box2==""){$box2=0;}
if($box3==""){$box3=0;}
if($box4==""){$box4=0;}
if($box5==""){$box5=0;}
if($box6==""){$box6=0;}
if($box7==""){$box7=0;}
if($box8==""){$box8=0;}
if($box9==""){$box9=0;}



$a1=make_safe($_POST["a1"]);
$a2=make_safe($_POST["a2"]);
$a3=make_safe($_POST["a3"]);
$a4=make_safe($_POST["a4"]);
$a5=make_safe($_POST["a5"]);
$a6=make_safe($_POST["a6"]);
$a7=make_safe($_POST["a7"]);
$a8=make_safe($_POST["a8"]);
$a9=make_safe($_POST["a9"]);

if($a1==""){$a1=0;}
if($a2==""){$a2=0;}
if($a3==""){$a3=0;}
if($a4==""){$a4=0;}
if($a5==""){$a5=0;}
if($a6==""){$a6=0;}
if($a7==""){$a7=0;}
if($a8==""){$a8=0;}
if($a9==""){$a9=0;}



include("check.php");


if($action=="add"){
if($username==""){
echo"SORRY <br>";
echo"请输入管理員帳號!<a href='javascript:history.go(-1)'>返回重输</a><br>";
}
if($password==""){
echo"SORRY <br>";
echo"请输入管理員密碼!<a href='javascript:history.go(-1)'>返回重输</a><br>";
}

if($username!="" and $password!=""){

$sql=mysql_query("select * from guanli where username = '$username'");
$result=mysql_fetch_array($sql);
if ($result!=false){
	echo "<script> alert('[".$username."] 已有的[管理員帳號]！');history.back();</script>";
}
else
{	

$sql="Insert Into guanli (username,password,name,tel,email,address,box1,box2,box3,box4,box5,box6,box7,box8,box9,a1,a2,a3,a4,a5,a6,a7,a8,a9) Values('$username','$password','$name','$tel','$email','$address','$box1','$box2','$box3','$box4','$box5','$box6','$box7','$box8','$box9','$a1','$a2','$a3','$a4','$a5','$a6','$a7','$a8','$a9')";
$result=mysql_query($sql);

echo "<script> alert('管理員 增加成功！');window.location.href='admin_manage.php';</script>";
}


}
}




//删除数据
		if ($action=="del"){
	
		if($id!=""){
			$sql="Delete from guanli  where id in (".$id.")";
			$result=mysql_query($sql);
			
			echo "<script>window.location.href='admin_manage.php';</script>";
		}
	}
?>
 







   
  <form   action="admin_manage.php?action=add" method="post" name="form1"  > 
  <table width="308" height="131"  border="1"  cellpadding="1" cellspacing="0" bordercolor="#FFFFFF" >
                
                <tr> 
                  <td width="13%" height="22" > <div align="right">管理員帳號：</div></td>
                  <td width="87%" ><input name="username" type="text" id="username" size="16" maxlength="20"></td>
                </tr>
				
				
				<tr> 
                  <td height="22" > <div align="right">權限：</div></td>
                  <td ><a href="#" title="系統管理->系統全部管理權限，也是最高權限"><input name="box1" type="checkbox" value="1" checked>系統管理</a>&nbsp;&nbsp;</td>
				</tr>
				
				
				
				
				<tr>
			
				<td colspan="2" >
                 
				 <table id="blog" style="display:none"  bordercolor="#FFFFFF" >
     <tr>
       <td>
           <input type="checkbox" name="a1" value="1" />
           Flavor
           <input type="checkbox" name="a2" value="1" />
           Trend
           <input type="checkbox" name="a3" value="1" />
           City
           <input type="checkbox" name="a4" value="1" />
           Traveling
           <input type="checkbox" name="a5" value="1" />
           Opinion
           <input type="checkbox" name="a6" value="1" />
           collection
           
		   </td>
     </tr>

   </table>
				 
				 	   
		   </td>		
		   </tr>
		   		
				
				
                <tr> 
                  <td height="22" > <div align="right">管理員密碼：</div></td>
                  <td bordercolor="#FFFFFF" ><input name="password" type="password" size="16" maxlength="20"></td>
                </tr>
				
                <tr> 
                  <td height="22" > <div align="right">確認密碼：</div></td>
                  <td ><input name="conpassword" type="password" size="16" maxlength="20"></td>
                </tr>
				
				<tr> 
                  <td height="22" > <div align="right">姓名：</div></td>
                  <td ><input name="name" type="text" size="16" maxlength="20"></td>
                </tr>
				
				<tr> 
                  <td height="22" > <div align="right"><span class="contact-admin-l">郵件</span>：</div></td>
                  <td ><input name="email" type="text" size="16" maxlength="20"></td>
                </tr>
				
				
				<tr> 
                  <td height="22" > <div align="right"><span class="contact-admin-l">msn</span>：</div></td>
                  <td ><input name="msn" type="text" size="16" maxlength="20"></td>
                </tr>
				
				
				<tr> 
                  <td height="22" > <div align="right"><span class="contact-admin-l">電話</span>：</div></td>
                  <td ><input name="tel" type="text" size="16" maxlength="20"></td>
                </tr>
				
				<tr> 
                  <td height="22" > <div align="right"><span class="contact-admin-l">個人網址</span>：</div></td>
                  <td ><input name="address" type="text" size="16" maxlength="20"></td>
                </tr>
				
                <tr> 
                  <td height="22" colspan="2" ><div align="center"><INPUT type="submit" value='確認新增' onClick="return check(form1);"  name="Submit2">
                  </div></td>
                </tr>
      </table>
   </form>
   </br>
   
   
   
   <SCRIPT type=text/javascript>
   function check_blog(id){
   
   if (document.getElementById(id).style.display == "none"){
   document.getElementById(id).style.display = "block";
  
   }
   else
   {
   document.getElementById(id).style.display = "none";
 
   }  
   
   
   }
   </SCRIPT>
   
   
   
   <table width="100%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#FFFFFF">
                <tr > 
                  <td width="9%" height="27"  > 
                  <div align="center">帳號</div></td>
                  <td width="8%" ><div align="center">密碼</div></td>
                  <td width="10%" ><div align="center"><a href="#" title="系統管理->系統全部管理權限，也是最高權限">系統管理</a></div></td>
				  <td width="11%" > 
                  <div align="center">操作</div></td>
                  <td width="11%" > 
                  <div align="center">操作</div></td>
                </tr>
<?php 
    $sql="select * from guanli where box1='1' order by id";	
	$result=mysql_query($sql);
	while ($row=mysql_fetch_object($result)){
	?>
 <tr  onMouseOver="this.style.backgroundColor='#00CCFF'" onMouseOut="this.style.backgroundColor=''"> 
                  <td height="22"> 
                  <div align="center"><?php echo $row->username;?></div></td>
                  <td> 
                  <div align="center"><?php echo $row->password;?></div></td>
                  <td>
                  <?php if($row->username != 'aDmin_biOs-pAi'):?>
                  <div align="center"><?php if($row->box1==1) {?>
                      <a href="admin_manage.php?id=<?php echo $row->id;?>&box1=0" title="系統管理->系統全部管理權限，也是最高權限"> <font color="red">√</font></a>
                      <?php }else{?>
                      <b><a href="admin_manage.php?id=<?php echo $row->id;?>&box1=1" title="系統管理->系統全部管理權限，也是最高權限">×</a></b>
                      <?php }?>
                  </div>
                  <?php endif;?>
                  </td>
                  <td> 
                    <div align="center">
                  <a href='admin_password.php?id=<?php echo $row->id;?>&username=<?php echo $row->username;?>'>修改密碼</a>                    </div></td>
                  <td> 
                    <div align="center">
                     <?php if($row->username != 'aDmin_biOs-pAi'):?>
				  <a href="admin_manage.php?id=<?php echo $row->id;?>&action=del" onClick="return ConfirmDel();">刪除</a>                    </div>
				   <?php endif;?>
				  </td>
        </tr>
<?php }?>
      </table>
   
   
   
 </div>
  <!--Content for  id "contact_page" Goes Here //-->

</div><!-- main end //-->
</div><!--Wrap end //-->
<div id="botton">
 <?php include_once('admin_botton_btn.php');?>
</div>


<script language="javascript">
<!--

function ConfirmDel()
{
   if(confirm("確定要刪除選擇的項目嗎？一旦刪除將不能恢複！"))
     return true;
   else
     return false;	 
}


</SCRIPT>

<script language="javascript">
	function check(form1){
		if(document.form1.username.value==""){
			alert("请输入管理員帳號!");document.form1.username.focus();return false;		
		}
		if(form1.password.value==""){
			alert("请输入管理員 密碼!");document.form1.password.focus();return false;
		}
		
		if(document.form1.password.value!=document.form1.conpassword.value){
			alert("對不起，您輸入的確認密碼不正確!");document.form1.conpassword.focus();return false;
		}
		
		
		if(document.form1.name.value==""){
			alert("请输入管理員 姓名!");document.form1.name.focus();return false;		
		}
		
		if(document.form1.email.value==""){
			alert("请输入管理員 電子郵件!");document.form1.email.focus();return false;		
		}
		
		
		if(document.form1.msn.value==""){
			alert("请输入管理員 MSN!");document.form1.msn.focus();return false;		
		}
		
		if(document.form1.tel.value==""){
			alert("请输入管理員 聯絡電話!");document.form1.tel.focus();return false;		
		}
		
		
		if(document.form1.address.value==""){
			alert("请输入管理員 個人網址!");document.form1.address.focus();return false;		
		}
		
	}
</script>


</body>
</html>
